eCommerce has been growing ever since the pandemic started two years ago, and business owners need to protect against all types of online fraud. Today there are ways to order online, get your product delivered locally, order online, pick up curbside, order online, pick up in-store. Many businesses are starting to figure out how to deliver locally or are linking up local delivery services to deliver locally to their customers. So how can you protect against online fraud?
How to Protect Your eCommerce Business
I always tell people to start with your website. I recommend using WordPress because it won’t lock you into specific payment methods or processors. You’ll also need to configure your gateway and velocity settings to prevent a robot from running thousands of transactions on your site, creating many chargebacks. Ensure you configure your fraud features with AVS address verification and CVV, where you’re getting the last three digits from the credit card. Your website will also need an SSL certificate, and the hosting company needs to be PCI compliant.
You don’t have to worry much about scanning because your web hosting services and gateway providers will have built-in protections. I recommend using WordPress security plugins, such as Wordfence. People are starting to move to WordPress-managed hosting because they have PCI compliance. In recent news, a massive credit card breach involved a web hosting platform; PCI compliance is in the news a lot.
Prevent Multiple Types of Attacks
With phishing attacks through email and text messaging and instant message fraud, identity theft is also rising. An unsuspecting receiver gets informed by email that their bank account may have been compromised. The next thing you know, you’re downloading an executable file that’s putting a key logger on your system. That’s what happened at this web host. Somebody sent malicious malware through an email or instant message. A good rule is “just don’t click.”
Crypto fraud is another emerging trend, from criminals who drop NFTs into wallets. When you get a free NFT, they have your information, and then they send another message that says, “log into your wallet,” to get your log-in credentials. Be careful of these phishing attacks and monitor your credit. Sign up for Experian; Credit Karma will notify you when someone runs a credit check. Bam.
Add Maintenance Plugins
If you’re selling products on the eCommerce side of things, make sure you’re keeping your plugins, theme, and content management system (WordPress) up to date. In my experience, most hacked websites become vulnerable to a lack of website maintenance. Please don’t wait until it’s too late to update your site. Because the next time you look at your site, you could see something that’s not your website.
You don’t need an expensive server or website host; there are free plugins that can keep your site secure. Keep your files backed up so you can repopulate your website if it gets hacked.
What are other types of eCommerce fraud prevention available? There’s 3DSecure, which is a widget you put on your checkout page that authenticates users by confirming they are using their devices. 3DS puts a checkmark next to transactions and prevents chargebacks.
AVS settings match address and CVV codes, another critical protection. The service will warn you if a receiver’s address is a P.O. box. It’s dangerous to ship to that kind of location because people who rent mailboxes can use fake names.
It’s vital to secure your website and social media with good passwords and two-factor authentication. Put domains you want to keep on auto-renewal and ensure your credit card information is updated. You also have the option to set domains private when you register them.
Keep Domains Privacy Policy and Terms & Conditions Updated
Having a compliant website is essential. Make sure all your registrations are up to date, and security features are activated and up to date. Often, merchants will say, why do I need this? Why do I need that? I don’t make the rules. The card brands and banks make the rules and want to see certain things on a website:
- They want to know that you have terms and conditions.
- They want to see you have a privacy policy.
- They want to make sure you have a shipping policy and don’t ship to the mailbox.
- You can prevent a lot of chargebacks by having updated contact information, including the name of your company, your DBA, your address, your phone number, your email address.
- Ensure your return policy and terms are clear
- Your policies are there to protect you and need to be specific.
- If you’re going to do a lot of business, you may need a widget on there so that people can go back in and check on their order and see their tracking number, and cut down on telephone calls.
Every business today needs a website. To find out more about e-commerce, visit Nationwide Payment Systems today. We can help you get set up to accept all types of payments, including accepting cryptocurrency on your website. We work with all kinds of businesses.
Carpe Diem
